CVE-2020-0832: 
vulnerability analysis and mitigation

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, known as 'Scripting Engine Memory Corruption Vulnerability' (CVE-2020-0832). This vulnerability was disclosed on March 12, 2020, and affects Internet Explorer and various versions of Microsoft Windows operating systems (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified as an Out-of-bounds Write (CWE-787) issue. This CVE is unique from several other scripting engine vulnerabilities including CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0833, and CVE-2020-0848 (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current user. Users with administrative privileges could be more severely impacted than those with restricted access (MITRE).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate security updates for their affected systems through Windows Update (Microsoft Security Advisory).